Kubernetes

Orca Flags Dangerous Google Kubernetes Engine Misconfiguration

cloud security, GKE, Google Chrome, Kubernetes, Orca Security, Vulnerabilities /

Orca Flags Dangerous Google Kubernetes Engine Misconfiguration 2024-01-24 at 17:48 By Ionut Arghire Attackers could take over a Kubernetes cluster if access privileges are granted to all authenticated users in Google Kubernetes Engine. The post Orca Flags Dangerous Google Kubernetes Engine Misconfiguration appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

Orca Flags Dangerous Google Kubernetes Engine Misconfiguration Read More »

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover

cloud security, GKE, Kubernetes, Vulnerabilities /

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover 2023-12-29 at 14:02 By Ionut Arghire Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster. The post Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover Read More »

5 open-source tools for pentesting Kubernetes you should check out

Don't miss, GitHub, Hot stuff, Kubernetes, News, open source, penetration testing, software /

5 open-source tools for pentesting Kubernetes you should check out 06/12/2023 at 08:02 By Help Net Security Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a critical part of the infrastructure for many organizations. However, with its widespread adoption, Kubernetes environments

React to this headline:

Loading spinner

5 open-source tools for pentesting Kubernetes you should check out Read More »

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets

Aqua Security, cloud security, container, Data Breaches, Kubernetes, supply chain, Supply Chain Security /

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets 22/11/2023 at 20:31 By Ryan Naraine Researchers at Aqua call urgent attention to the public exposure of Kubernetes configuration secrets, warning that hundreds of organizations are vulnerable to this “ticking supply chain attack bomb.” The post Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets appeared first on

React to this headline:

Loading spinner

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets Read More »

k0smotron: Open-source Kubernetes cluster management

Aurigo Software Technologies, cybersecurity, GitHub, Kubernetes, Mirantis, News /

k0smotron: Open-source Kubernetes cluster management 14/11/2023 at 07:32 By Help Net Security Open-source solution k0smotron is enterprise-ready for production-grade Kubernetes cluster management with two support options. Kubernetes cluster management Management and worker planes do not have to run on the same infrastructure provider, making k0smotron ideal for consolidating Kubernetes control planes for edge, hybrid, and

React to this headline:

Loading spinner

k0smotron: Open-source Kubernetes cluster management Read More »

Kubernetes adoption creates new cybersecurity challenges

Cloud, cybersecurity, Kubernetes, News, report, software development, survey, Venafi /

Kubernetes adoption creates new cybersecurity challenges 13/11/2023 at 07:33 By Help Net Security To maintain a competitive edge, modern organizations are evolving toward highly scalable, flexible and resilient applications – leading to the widespread adoption of cloud native technologies like Kubernetes, according to Venafi. Security challenges in cloud native environments In fact, 84% of security

React to this headline:

Loading spinner

Kubernetes adoption creates new cybersecurity challenges Read More »

Organizations lack the skills and headcount to manage Kubernetes

Artificial Intelligence, automation, CIO, Compliance, cybersecurity, DevOps, Kubernetes, News, patching, report, Spectro Cloud, survey /

Organizations lack the skills and headcount to manage Kubernetes 10/11/2023 at 07:02 By Help Net Security The Kubernetes industry is undergoing rapid change and evolution due to the growth of edge computing, the acceleration of AI, and the pressing need to modernize Kubernetes management in response to increasing technology scale and complexity, according to Spectro

React to this headline:

Loading spinner

Organizations lack the skills and headcount to manage Kubernetes Read More »

Aqua Trivy open-source security scanner now finds Kubernetes security risks

Aqua Security, cybersecurity, Don't miss, GitHub, Kubernetes, News, scanning, software /

Aqua Trivy open-source security scanner now finds Kubernetes security risks 08/11/2023 at 08:31 By Mirko Zorz The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk. “Aqua

React to this headline:

Loading spinner

Aqua Trivy open-source security scanner now finds Kubernetes security risks Read More »

Kubescape 3.0 elevates open-source Kubernetes security

ARMO, GitHub, Kubernetes, News, open source, software /

Kubescape 3.0 elevates open-source Kubernetes security 07/11/2023 at 08:32 By Help Net Security Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Vulnerability scan results Kubescape 3.0 features Kubescape 3.0 adds new features that make it easier for organizations to secure their Kubernetes clusters, including: Compliance

React to this headline:

Loading spinner

Kubescape 3.0 elevates open-source Kubernetes security Read More »

The role of Kubernetes in modern app management

Canonical, D2iQ, KSOC, Kubernetes, Red Hat, Video /

The role of Kubernetes in modern app management 06/11/2023 at 07:03 By Help Net Security Kubernetes, often abbreviated as K8s, is an open-source container orchestration platform that has redefined the way modern applications are developed, deployed, and managed. Born out of Google’s internal container orchestration system, Kubernetes has become the de facto standard for containerized

React to this headline:

Loading spinner

The role of Kubernetes in modern app management Read More »

Securing GitHub Actions for a safer DevOps pipeline

CISA, Cloud, cloud security, credentials, cybersecurity, DevOps, Don't miss, Features, GitHub, Hot stuff, Kubernetes, monitoring, News, NSA, open source, opinion, StepSecurity /

Securing GitHub Actions for a safer DevOps pipeline 02/10/2023 at 07:32 By Mirko Zorz GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to establish workflows that build and test each pull request in your repository and deploy approved pull requests

React to this headline:

Loading spinner

Securing GitHub Actions for a safer DevOps pipeline Read More »

Kubernetes attacks in 2023: What it means for the future

attacks, Cloud, containers, cybersecurity, Don't miss, Hot stuff, KSOC, Kubernetes, Video /

Kubernetes attacks in 2023: What it means for the future 28/09/2023 at 07:01 By Help Net Security In 2023, a wave of new attacks targeting Kubernetes has been reported, from Dero and Monero crypto mining to Scarleteel and RBAC-Buster. In this Help Net Security video, Jimmy Mesta, CTO at KSOC, explores what it would take

React to this headline:

Loading spinner

Kubernetes attacks in 2023: What it means for the future Read More »

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676)

Akamai, Don't miss, Hot stuff, Kubernetes, News, security update, vulnerability, Windows /

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676) 18/09/2023 at 14:32 By Helga Labus Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster. About the vulnerabilities CVE-2023-3676, discovered by Akamai researcher Tomer Peled, is a command injection vulnerability that

React to this headline:

Loading spinner

Kubernetes vulnerabilities allows RCE on Windows endpoints (CVE-2023-3676) Read More »

Kubernetes Vulnerability Leads to Remote Code Execution

cloud security, Kubernetes, Vulnerabilities /

Kubernetes Vulnerability Leads to Remote Code Execution 14/09/2023 at 16:50 By Ionut Arghire A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster. The post Kubernetes Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Kubernetes Vulnerability Leads to Remote Code Execution Read More »

Kubernetes clusters face widespread attacks across numerous organizations

Aqua Security, cybersecurity, Don't miss, Hot stuff, Kubernetes, misconfiguration, open source, threats, Video /

Kubernetes clusters face widespread attacks across numerous organizations 17/08/2023 at 07:02 By Help Net Security In this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected Kubernetes clusters belonging to more than 350 organizations, open-source projects, and individuals. At least 60% of these

React to this headline:

Loading spinner

Kubernetes clusters face widespread attacks across numerous organizations Read More »

Cloud-native security hinges on open source

containers, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Kubernetes, open source, opinion, SUSE /

Cloud-native security hinges on open source 22/06/2023 at 07:33 By Help Net Security Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the competition. As enterprises look to secure cloud-native environments, open source is the critical piece

React to this headline:

Loading spinner

Cloud-native security hinges on open source Read More »

How to create SBOMs for container images

cybersecurity, Data Defenders Forum, Don't miss, Expert analysis, Expert corner, Kubernetes, News, opinion, supply chain, threats /

How to create SBOMs for container images 21/06/2023 at 09:06 By Help Net Security The importance of software bills of materials (SBOMs) has grown substantially in recent years as organizations recognize the need for greater transparency in the software supply chain. This focus on SBOMs is a response to increasing cybersecurity threats and legislative efforts

React to this headline:

Loading spinner

How to create SBOMs for container images Read More »

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs

cybersecurity, GitHub, Kubernetes, News /

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs 10/05/2023 at 09:26 By Help Net Security Kubernetes Security Operations Center (KSOC) released the first-ever Kubernetes Bill of Materials (KBOM) standard. Available in an open-source CLI tool, this KBOM enables cloud security teams to understand the scope of third-party tooling in their

React to this headline:

Loading spinner

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs Read More »

Scroll to Top